Domain > medusa.fi

More information on this domain is in AlienVault OTX

Property	Value
Name	Hallinto
Organization	Oy Medusa Promotion Ab
Address	Kristiinankatu 5
Zip Code	20100
City	TURKU
Phone	+358 2 2752 900
NameServer	ns2.xssl.net
Created	1991-01-01 00:00:00
Changed	2012-07-09 00:00:00
Expires	2015-08-31 00:00:00

DNS Resolutions

Date	IP Address
2014-03-16	83.223.124.21 (ClassC)
2020-09-07	104.247.81.13 (ClassC)
2020-12-02	185.198.10.28 (ClassC)
2023-09-29	13.249.141.102 (ClassC)
2023-09-29	13.249.141.13 (ClassC)
2023-09-29	13.249.141.72 (ClassC)
2023-09-29	13.249.141.96 (ClassC)
2024-05-01	108.156.91.86 (ClassC)
2024-05-01	108.156.91.124 (ClassC)
2024-05-01	108.156.91.42 (ClassC)
2024-05-01	108.156.91.76 (ClassC)
2024-05-19	3.163.189.36 (ClassC)
2024-07-15	18.154.101.61 (ClassC)
2024-07-15	18.154.101.63 (ClassC)
2024-07-15	18.154.101.92 (ClassC)
2024-07-15	18.154.101.41 (ClassC)
2024-10-06	3.163.189.12 (ClassC)
2024-10-18	13.226.52.30 (ClassC)
2024-10-18	13.226.52.66 (ClassC)
2024-10-18	13.226.52.8 (ClassC)
2024-10-18	13.226.52.83 (ClassC)
2024-10-19	18.64.236.60 (ClassC)
2024-10-19	18.64.236.94 (ClassC)
2024-10-19	18.64.236.4 (ClassC)
2024-10-19	18.64.236.59 (ClassC)
2024-10-21	3.161.193.118 (ClassC)
2024-10-21	3.161.193.24 (ClassC)
2024-10-21	3.161.193.97 (ClassC)
2024-10-21	3.161.193.102 (ClassC)
2024-11-06	18.244.202.116 (ClassC)
2024-11-06	18.244.202.26 (ClassC)
2024-11-06	18.244.202.91 (ClassC)
2024-11-06	18.244.202.104 (ClassC)
2024-12-25	52.84.162.101 (ClassC)
2025-01-07	52.84.162.38 (ClassC)
2025-01-27	3.171.22.25 (ClassC)
2025-01-27	3.171.22.39 (ClassC)
2025-01-27	52.85.151.85 (ClassC)
2025-01-27	3.171.22.65 (ClassC)
2025-01-27	3.171.22.94 (ClassC)
2025-03-30	3.163.189.25 (ClassC)
2025-05-07	99.84.66.112 (ClassC)
2025-07-13	99.84.66.102 (ClassC)
2025-08-08	99.84.66.20 (ClassC)
2025-09-17	99.84.66.61 (ClassC)
2025-11-02	3.163.24.54 (ClassC)
2025-11-20	3.163.24.72 (ClassC)
2026-02-13	3.163.24.17 (ClassC)

HTTP/1.1 200 OKContent-Type: text/htmlContent-Length: 83768Connection: keep-aliveDate: Mon, 12 Feb 2024 21:07:10 GMTx-amz-meta-md5chksum: 769d72c56009266464a9799d16ba7a71Content-Encoding: gzipLast-Mod

��콍��Hr�*T��׀�bm�W�����Ⱥ�$k��I��V������&~�{���ȟH��X�Z�4�.32222�Ȍ��_�Eԕhqj��˯�4̏�o�͗_�P�U��p�ªF��ss��7_~�$M�����s.�����Y�>L�}K���H�&��d����O��~+�0I��W�h�83���!A�eQ57����7�o��9}��C!�XI�4I��u��w#��QUI�$E.`a~CUST��.�$�Q��:7M���0�����ss����/�IrB��Ȓ�W�/�e������(ô���pq*�5a�;2�U�/�Z 2�c�Z�C��ţ��SQ��:�a�(GU�H`��|,��y�����4ɿ-*�~��¼ȓ(Lo�>ߜ���w�>e�S�!�ı�UQ��y�|SwDf:cgID�� 7�O�ȈG������* r:��c߁$��1iT������9���鿥auD����M@}M9˘���LyJ>>:Ǣ8��	�Y��GT9Q��ЩTV(*�E�lUEUrLrq��ym�:�&:�Έ�˯(��|�������Z�������������j�Ny�O�o�M��MX57��9z�uؠ爚�O2���B(ov������!���1��)�P�Կy�����a�>ַ?�_��>�NT��A�c}k����/>��a~>��������������ONX?���p��������R�o����w�wqj�2�P��m#�kT5�A��B��/��.���Θ(�r����n������?�.���ps��O�����?߄e�&Q���)����.�/�7�&�67���::�,t��xc���X���?����n���s���m:���1̓�I{��`�֞�7���u��B������w�S�p���M��_�L�L?c�SQ5ѹY$��w��>`8B�+���ڤ���J�e��m������Mk�������+t�f�R��S�Sز��I���P>�C�7�s���Ij�����O�w���q���.2�aI�?�N������0�����Q�TN����sjC;����I��CV��Ԗg�ڎk�jT�ff9�M&Ib��LYtR����!�о(�Mc��͡�2�8�v׵c.�7O)2�Rl����M���������oIޠc�`G�>���ۛ���&�����,~���6w��������?�G�;U�������}�wQ������u�w�������w���䟐_����L�w����w?����ϟo����Ɯzf��$}�%�u������e�U���%�S��.}���Lç���u��ӏ>�Z�*����4?a�6�l?,Wv6In���o���u���p�o1G����t!	ɇۗWvu��V�xN��1y��+z}	��F+vs��n�vVi���5��>�ivׁ�����Y�ކ���$��L��߆��p��.o����$��Z�Y�ކ�m�$����Y�T���u���w�������O���X���y��~xZ&��M���������St�ݾ���?���,����O��+;.��?f��.����_������ww^�kWE�l���v�w�?�m;���X�ޭמ{��m�We�v�և�y� ɿ�ޡ�m�{ۮP�{G�`��vQ������V����Ҵxܽ;������B(߽�ᆴhP����ntw����0߽�6�������)i0:B۱�v���&���ю�����r�W.&�J��zT�-&e��E��*��P�݆U��G����F��}w��!��W(�VI��m�SJ�ll�e+�f�n�ު��qww童m��|�%��|���U�ag�e��~��Y����a�G���o��?�c�����X(�ESX7���I�p��n����0�n��h��ü��n�O��kB���Һ�+���EZT��?%7}/z���}��0�b+eTY�uFh����P���6�~@yZX?y�o��.Ұ�h��7��o�s��j�����н����

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

MD5	A/V
556c3819778ac91261be8821206aa1ca	[Trojan.Zbot.cw3] [Trojan.Crypt.NKN] [Trojan.VBKrypt.Win32.226775] [Trojan.Win32.VBKrypt.cvwaev] [W32/Trojan4.AFNE] [WS.Reputation.1] [Win32/Zbot.IDY] [TROJ_FORUCON.BMC] [Trojan.Win32.VBKrypt.uqco] [Trojan.VBKrypt!sgvTFCNPRto] [UnclassifiedMalware] [BackDoor.Andromeda.273] [TR/Dropper.VB.12577] [Trojan/VBKrypt.jafc] [PWS:Win32/Zbot] [Backdoor/Win32.Androm] [W32/Trojan.XEYN-6246] [Virus.Win32.Heur.p] [Trj/WLT.A] [Win32/Wigon.PH] [Virus.Win32.VBInject] [W32/VBKrypt.PH!tr] [SHeur4.BSLG] [Trojan.Win32.VBKrypt.ahI] [Win32/Trojan.Multi.daf]

Domain > medusa.fi

Is this malicious?

Files that talk to medusa.fi

Whois

DNS Resolutions

Port 80

Port 443